Parent

Class/Module Index [+]

Quicksearch

Rex::Post::Meterpreter::Ui::Console::CommandDispatcher::Priv::Timestomp

This class provides commands that interact with the timestomp feature set of the privilege escalation extension.

Constants

Klass

Public Instance Methods

cmd_timestomp(*args) click to toggle source

This command provides the same level of features that vinnie's command line timestomp interface provides with a similar argument set.

# File lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb, line 52
def cmd_timestomp(*args)
        if (args.length < 2)
                print_line("\nUsage: timestomp file_path OPTIONS\n" +
                        @@timestomp_opts.usage)
                return
        end

        file_path = args.shift
        modified  = nil
        accessed  = nil
        creation  = nil
        emodified = nil

        @@timestomp_opts.parse(args) { |opt, idx, val|
                case opt
                        when "-m"
                                modified  = str_to_time(val)
                        when "-a"
                                accessed  = str_to_time(val)
                        when "-c"
                                creation  = str_to_time(val)
                        when "-e"
                                emodified = str_to_time(val)
                        when "-z"
                                print_line("#{val}")
                                modified  = str_to_time(val)
                                accessed  = str_to_time(val)
                                creation  = str_to_time(val)
                                emodified = str_to_time(val)
                        when "-f"
                                print_status("Setting MACE attributes on #{file_path} from #{val}")
                                client.priv.fs.set_file_mace_from_file(file_path, val)
                        when "-b"
                                print_status("Blanking file MACE attributes on #{file_path}")
                                client.priv.fs.blank_file_mace(file_path)
                        when "-r"
                                print_status("Blanking directory MACE attributes on #{file_path}")
                                client.priv.fs.blank_directory_mace(file_path)
                        when "-v"
                                hash = client.priv.fs.get_file_mace(file_path)

                                print_line("Modified      : #{hash['Modified']}")
                                print_line("Accessed      : #{hash['Accessed']}")
                                print_line("Created       : #{hash['Created']}")
                                print_line("Entry Modified: #{hash['Entry Modified']}")
                        when "-h"
                                print_line("\nUsage: timestomp file_path OPTIONS\n" +
                                        @@timestomp_opts.usage)
                                return
                end
        }

        # If any one of the four times were specified, change them.
        if (modified or accessed or creation or emodified)
                print_status("Setting specific MACE attributes on #{file_path}")
                client.priv.fs.set_file_mace(file_path, modified, accessed,
                        creation, emodified)
        end
end
commands() click to toggle source

List of supported commands.

# File lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb, line 35
def commands
        {
                "timestomp" => "Manipulate file MACE attributes"
        }
end
name() click to toggle source

Name for this dispatcher.

# File lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb, line 44
def name
        "Priv: Timestomp"
end

[Validate]

Generated with the Darkfish Rdoc Generator 2.